You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

I recently installed XP SP2 after a virus infected my PC. I got it cleaned but I never trust a system after that. I noticed that when I google search things that seekfor.info would appear in the address bar and I would be taken to some weird website. I have run MalwareBytes, SuperAntiSpyware, Hijackthis and CCleaner in normal and Safe mode, they found and cleaned things but still have the issue. I use Firefox only. I have not installed SP3 yet, when I noticed this I wanted to get it cleaned up before I install. Minus SP3 I have all the Windows updates.

Your System is infected with Virut!!Virut is a file infecting virus which is able to modify itself each and every time it runs. In addition, when it infects, sometimes it will destroy the file it tries to latch onto.For these reasons, you really can't truly fix Virut. You will need to format/reinstall the operating system on this machine.

W32/Virut.h is a polymorphic, entry point obscuring (EPO) file infector with IRC bot functionality. It can accept commands to download other malware on the compromised machine.It appends to the end of the last section of executable (PE) files an encrypted copy of its code. The decryptor is polymorphic and can be located either:Immediately before the encrypted code at the end of the last sectionAt the end of the code section of the infected host in 'slack-space' (assuming there is any)At the original entry point of the host (overwriting the original host code)

Thank you for the response. I did a little searching on the files the scans picked up and wasnot pleased with what I was reading.

I do have a question or 2. I have 2 hard drives in my PC with a few partitions. Is it just my C partition that I have to worry about or do I need to wipe out all of it and start new? I read a few posts out there that mentioned having to wipe all info on the PC but never saw a clear answer. Also I see it infects EXE, SCR and HTML files. I am curios if my pictures are safe? And I have been editing a few movies...are those files safe?

Nothing is safe once infected.........your safest route would be to cut your losses and start over. You have no idea how hard it is for me to tell you that, but it's in your best interest that I do. I have a person right now that was told the same thing, but he went ahead and put pictures and other things on a DVD from the infected machine anyway, and reinfected his nice clean install of Windows. He didn't listen and now has to do it all over again.

tea

Please make a donation so I can keep helping people just like you.Every little bit helps! You can even use your credit card! Thank you!

I read a few more posts and almost everyone said the same: you have to format all drives connected. So I started that process. I too backed up a few things but I have the disk labeled Infected and didn't put the stuff back on my PC. But it was pics of friends that are no longer with us so I sorta had to. My hope is since this thing is so rampant right now that they might have a cleaner for it in the future and I can look at them again. I am getting updates and stuff now. Fingers crossed its over.

To all those reading this: This is only the 2nd time I have lost everything on all drives in the many many years of owning a PC. BACK YOUR STUFF UP!! lol.